
Conversation

@MathiasVP
Contributor

@MathiasVP MathiasVP commented Jan 9, 2026

In C/C++, assertions are often done via a macro defined like:

#ifdef NDEBUG
#define assert(condition) ((void)0)
#else
#define assert(condition) /* implementation defined */
#endif

where /* implementation defined */ represents the actual operation that implements the assertion in a debug build.

However, in a release build (i.e., when NDEBUG is defined) then no check is performed. This is great for performance, but it means the CodeQL database has no way of observing these conditions. And these conditions often help us remove FPs (i.e., a null check or an index validation prior to a dereference).

This PR adds support for identifying (a small subset of) assertions by generating IR corresponding to the check which would have been performed had assertions been enabled (the rationale being basically the same as what Schack wrote for Java here).

This PR only covers a small subset of assertions since we only have the assertion as text since this is a macro argument. So we have to parse that macro argument in QL 😭. Because of this, I've limited this PR to only generate IR for an assertion of the form E op E where E is an integer constant, or a local variable, and op is =, !=, <, >, <=, or >=. (Locally, I have a follow-up PR to add support for negations, disjunctions, and conjunctions.)

As I didn't feel like implementing all of C++'s conversion rules the generated IR will also not be totally conversion-correct. For example, in an expression like x < y where x is int and y is unsigned int there would normally be a signed-to-unsigned conversion on x but currently we simply generate a comparison between types of different types. I don't imagine this will be a problem in practice, though.

Commit-by-commit review recommended.

The three new alerts look genuine. They arise because we now realize that there's a suspicious looking assertion here which ought to have been fhSize < dstCapacity.
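The following is an added example, not code from this PR or from CodeQL: a small Python recogniser for the same `E op E` subset the description limits itself to (integer constant or local variable on each side, one of the six comparison operators in between), together with an evaluator that shows which check a release build silently drops. It assumes that the `=` listed in the description stands for C's `==`, it treats every identifier as a local variable, and, mirroring the caveat above, it evaluates with Python integers and performs no C conversions.

```python
import re
from dataclasses import dataclass
from typing import Dict, Optional, Union

# An operand is either an integer constant or the name of a local variable.
Operand = Union[int, str]


@dataclass(frozen=True)
class Comparison:
    """The reconstructed check: `left op right`."""
    left: Operand
    op: str
    right: Operand


# Whole macro argument must be exactly `E op E`.  Two-character operators are
# listed before one-character ones so that "<=" is not split into "<" and "=".
# "==" is assumed to be what the PR description writes as "=".
_CMP_RE = re.compile(
    r"""
    ^\s*
    (?P<lhs>\d+|[A-Za-z_]\w*)\s*
    (?P<op>==|!=|<=|>=|<|>)\s*
    (?P<rhs>\d+|[A-Za-z_]\w*)
    \s*$
    """,
    re.VERBOSE,
)


def _operand(text: str) -> Operand:
    # A run of digits is an integer constant; anything else is a variable name.
    return int(text) if text.isdigit() else text


def parse_assertion(arg: str) -> Optional[Comparison]:
    """Return the Comparison for a macro argument of the form `E op E`,
    or None when the argument falls outside the supported subset
    (negations, &&/||, calls, casts, suffixed literals, ...)."""
    m = _CMP_RE.match(arg)
    if m is None:
        return None
    return Comparison(_operand(m["lhs"]), m["op"], _operand(m["rhs"]))


_OPS = {
    "==": lambda a, b: a == b,
    "!=": lambda a, b: a != b,
    "<": lambda a, b: a < b,
    ">": lambda a, b: a > b,
    "<=": lambda a, b: a <= b,
    ">=": lambda a, b: a >= b,
}


def evaluate(cmp: Comparison, locals_: Dict[str, int]) -> bool:
    """Evaluate the check against concrete local-variable values.
    This is the condition a debug build would test and a release build
    (NDEBUG defined) would not."""
    def value(e: Operand) -> int:
        return e if isinstance(e, int) else locals_[e]
    return _OPS[cmp.op](value(cmp.left), value(cmp.right))


if __name__ == "__main__":
    # Constructed sample inputs: the first three are inside the subset,
    # the rest are deliberately outside it and are rejected.
    for arg in ["x < y", "fhSize <= dstCapacity", "0 <= idx",
                "!(x < y)", "x < y && y < z", "f(x) < 3", "x < 3u"]:
        print(f"{arg!r:26} -> {parse_assertion(arg)}")
    # The suspicious check mentioned above: `<=` admits fhSize == dstCapacity,
    # whereas `<` would reject it.
    env = {"fhSize": 4, "dstCapacity": 4}
    print(evaluate(parse_assertion("fhSize <= dstCapacity"), env))  # True
    print(evaluate(parse_assertion("fhSize < dstCapacity"), env))   # False
```

The regex anchors on both ends so that any extra structure makes the whole argument unrecognised rather than partially parsed; that is the safe failure mode for this kind of best-effort reconstruction, since an analysis that believes a check exists when it does not would hide real findings.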

@github-actions github-actions bot added the C++ label Jan 9, 2026
@MathiasVP MathiasVP force-pushed the ir-support-for-assertions branch 2 times, most recently from b0a2fa5 to 0cf33ff on January 11, 2026 23:35
@MathiasVP MathiasVP force-pushed the ir-support-for-assertions branch from 0cf33ff to 20c0239 on January 12, 2026 12:00
